Twilio suffers data breach after its employees were targeted by a phishing campaign

Digital communication platform Twilio was hacked after a phishing campaign tricked its employees into revealing their login credentials (via TechCrunch). The company disclosed the data breach in a post on its blog, noting that only “a limited number” of customer accounts were affected by the attack. Twilio allows web services to send SMS messages and place voice calls over telephone networks and is used by companies including Uber, Twitter, and Airbnb.

The hack occurred on August 4th and involved a bad actor sending SMS messages to Twilio employees that asked them to reset their password or alerted them to a change in their schedule. Each message included a link with keywords, like “Twilio,” “SSO” (single sign-on), and “Okta,” the name...

Continue reading…